Skip to content

fix(ui): updates auth fields UI to reflect access control #12745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 25, 2025
Merged

fix(ui): updates auth fields UI to reflect access control #12745

merged 4 commits into from
Jun 25, 2025

Conversation

jessrynkar
Copy link
Member

What?

Reflects any access control restrictions applied to Auth fields in the UI. I.e. if email has update: () => false the field should be displayed as read-only.

Why?

Currently any access control that is applied to auth fields is functional but is not matched within the UI.

For example:

  • password that does not have read access will not return data, but the field will still be shown when it should be hidden
  • email that does not have update access, updating the field and saving the doc will not update the data, but it should be displayed as read-only so nothing can be filled out and the updating restriction is made clear

How?

Passes field permissions through to the Auth fields UI and adds docs with instructions on how to override auth field access.

Testing

Use access-control test suite and auth collection. Tests added to access-control e2e.

Fixes #11569

@jessrynkar jessrynkar enabled auto-merge (squash) June 25, 2025 13:54
@jessrynkar jessrynkar merged commit 1845669 into main Jun 25, 2025
302 of 308 checks passed
@jessrynkar jessrynkar deleted the fix/restricted-auth-fields-ui branch June 25, 2025 13:55
@github-actions GitHub Actions
Copy link
Contributor

🚀 This is included in version v3.44.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JarrodMFlesch JarrodMFlesch JarrodMFlesch approved these changes

Assignees
No one assigned
Labels
created-by: Payload team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unable to manage access control for auth fields when more than one collection has auth enabled.
2 participants
@jessrynkar @JarrodMFlesch